TY - JOUR
T1 - The Study of a Risk Assessment System based on PageRank
AU - Kuo, Cheng Chung
AU - Hou, Chia Ling
AU - Yang, Chu Sing
N1 - Funding Information:
The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This work was supported in part by the Ministry of Science and Technology of Taiwan, under Contracts MOST 108-2218-E-006-035 and 108-3116-F-006-008-CC2.
Publisher Copyright:
© 2019 Taiwan Academic Network Management Committee. All rights reserved.
PY - 2019
Y1 - 2019
N2 - In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.
AB - In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.
UR - http://www.scopus.com/inward/record.url?scp=85078213575&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85078213575&partnerID=8YFLogxK
U2 - 10.3966/160792642019122007022
DO - 10.3966/160792642019122007022
M3 - Article
AN - SCOPUS:85078213575
SN - 1607-9264
VL - 20
SP - 2255
EP - 2264
JO - Journal of Internet Technology
JF - Journal of Internet Technology
IS - 7
ER -